package com.example.mine.controller;

import com.example.mine.service.LoginService;
import com.example.mine.util.ResultUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("admin")
public class LoginController {

    @Autowired
    private LoginService loginService;

    @RequestMapping("/login")
    public String login(@RequestParam("username")String username,@RequestParam("password") String password){
        // 从SecurityUtils里边创建一个 subject
        Subject subject = SecurityUtils.getSubject();
        // 在认证提交前准备 token（令牌）
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        // 执行认证登陆
        try {
            subject.login(token);
        } catch (UnknownAccountException uae) {
            return "未知账户";
        } catch (IncorrectCredentialsException ice) {
            return "密码不正确";
        } catch (LockedAccountException lae) {
            return "账户已锁定";
        } catch (ExcessiveAttemptsException eae) {
            return "用户名或密码错误次数过多";
        } catch (AuthenticationException ae) {
            return "用户名或密码不正确！";
        }
        if (subject.isAuthenticated()) {
            return "登录成功";
        } else {
            token.clear();
            return "登录失败";
        }
    }


    @RequestMapping("401")
    public String toLogin() {
        return "401页面,您先去登陆吧！";
    }

    @RequestMapping("index")
    public String index() {
        return "index主页";
    }

    @RequiresPermissions("sys:role:list")
    @RequestMapping("list")
    public String list() {
        return "list";
    }

    @RequiresPermissions("user:add")
    @RequestMapping("add")
    public String add() {
        return "add";
    }

    @RequestMapping("unAuth")
    public String unAuth() {
        return "未认证";
    }

}
